Permutation cipher encryption for processor-accelerator memory mapped input/output communication

ABSTRACT

Technologies for secure data transfer of MMIO data between a processor and an accelerator. A MIMO security engine includes a first permutation cipher pipeline to defuse a count and a key into a permutation state; a first exclusive-OR (XOR) to generate ciphertext data from 64-bits of the new permutation state; and plaintext data; a concatenator to concatenate the plaintext data and additional authenticated data (AAD) to produce a concatenation result; a second XOR to generate an XOR result from the concatenation result and the latest permutation state; and a second permutation pipeline to generate an authentication tag of the XOR result and the key.

BACKGROUND

In some cloud and high-volume data analytics computing environments,compute intensive workloads are often offloaded from processors toaccelerators to achieve higher performance. Security in suchprocessor-accelerator communication is a critical requirement;otherwise, important information might be leaked or spoofed during thiscommunication that might cause an incorrect data analytic result, lossof privacy of the data, or loss of intellectual property (IP).Applications with security requirements want to benefit fromheterogeneous computing resources in cloud computing environmentswithout any loss in security or privacy. Use of encryption to protectthe communication between a trusted execution environment (TEE) in theprocessor and the accelerator, thereby providing privacy, integrity, andanti-replay protection, is a possible solution but encryption consumesscarce system resources and may add performance overhead. Existingsolutions based on Advanced Encryption Standard (AES)-Galois/CounterMode (GCM) encryption require a large circuit area and a large powerbudget that limit widespread use, especially for applications using alarge hardware kernel.

BRIEF DESCRIPTION OF THE DRAWINGS

The concepts described herein are illustrated by way of example and notby way of limitation in the accompanying figures. For simplicity andclarity of illustration, elements illustrated in the figures are notnecessarily drawn to scale. Where considered appropriate, referencelabels have been repeated among the figures to indicate corresponding oranalogous elements.

FIG. 1 is a block diagram of a computing device according to one or moreembodiments.

FIG. 2 is a block diagram of a memory-mapped input/output (I/O) (MMIO)security engine of the computing device according to one or moreembodiments.

FIG. 3 is a block diagram of a computing environment of the computingdevice according to one or more embodiments.

FIG. 4 is a block diagram of an encryption engine according to one ormore embodiments.

FIG. 5 is a block diagram of a decryption engine according to one ormore embodiments.

FIG. 6 is a flow diagram of cryptography processing forprocessor-accelerator communication according to one or moreembodiments.

FIG. 7 is a flow diagram of MMIO transfer management processingaccording to one or more embodiments.

FIG. 8 is a flow diagram of MMIO transfer processing according to one ormore embodiments.

DETAILED DESCRIPTION

The technology described herein provides a low circuit area, low power,low latency, and high throughput cryptographic design for protectingMMIO communications between a processor and an accelerator againstinformation leakage, spoofing, slicing, and denial of service (DoS)attacks. The reduced circuit area and reduced power requirements of thistechnology allows implementation of cryptographic operations with areduced size of a sequestered portion of the accelerator from the user'smemory space. The technology protects in-line data during transferbetween the processor and the accelerator without requiring bufferingprior to processing and without stalling data transfers. This technologyalso provides security without any performance overhead on existingunsecured MMIO transfers.

The technology described herein is based on a lightweight cryptographicpermutation technique. In some embodiments, the encryption/decryptionoperates on 64-bit data blocks. In one implementation, this technologyprovides approximately 8× lower latency compared to an existing AES-GCMbased technique.

While the concepts of the present disclosure are susceptible to variousmodifications and alternative forms, specific embodiments thereof havebeen shown by way of example in the drawings and will be describedherein in detail. It should be understood, however, that there is nointent to limit the concepts of the present disclosure to the particularforms disclosed, but on the contrary, the intention is to cover allmodifications, equivalents, and alternatives consistent with the presentdisclosure and the appended claims.

References in the specification to “one embodiment,” “an embodiment,”“an illustrative embodiment,” etc., indicate that the embodimentdescribed may include a particular feature, structure, orcharacteristic, but every embodiment may or may not necessarily includethat particular feature, structure, or characteristic. Moreover, suchphrases are not necessarily referring to the same embodiment. Further,when a particular feature, structure, or characteristic is described inconnection with an embodiment, it is submitted that it is within theknowledge of one skilled in the art to implement such feature,structure, or characteristic in connection with other embodimentswhether or not explicitly described. Additionally, it should beappreciated that items included in a list in the form of “at least oneA, B, and C” can mean (A); (B); (C); (A and B); (A and C); (B and C); or(A, B, and C). Similarly, items listed in the form of “at least one ofA, B, or C” can mean (A); (B); (C); (A and B); (A and C); (B and C); or(A, B, and C).

The disclosed embodiments may be implemented, in some cases, inhardware, firmware, software, or any combination thereof. The disclosedembodiments may also be implemented as instructions carried by or storedon a transitory or non-transitory machine-readable (e.g.,computer-readable) storage medium, which may be read and executed by oneor more processors. A machine-readable storage medium may be embodied asany storage device, mechanism, or other physical structure for storingor transmitting information in a form readable by a machine (e.g., avolatile or non-volatile memory, a media disc, or other media device).

In the drawings, some structural or method features may be shown inspecific arrangements and/or orderings. However, it should beappreciated that such specific arrangements and/or orderings may not berequired. Rather, in some embodiments, such features may be arranged ina different manner and/or order than shown in the illustrative figures.Additionally, the inclusion of a structural or method feature in aparticular figure is not meant to imply that such feature is required inall embodiments and, in some embodiments, may not be included or may becombined with other features.

Referring now to FIG. 1, an illustrative computing device 100 for lowarea, low power, low latency and high throughput cryptography processingfor processor-accelerator communication includes a processor 120 and anaccelerator device 136. Accelerator 136 includes one or more hardwareimplemented security engines, illustratively a direct memory access(DMA) security engine 138 and a MMIO security engine 140. In at leastone embodiment, accelerator 136 is implemented as a field programmablegate array (FPGA). In use, as described further below, computing device100 initializes security engines 138, 140, which pre-fills cryptographicpipelines and pre-computes counter values, hash subkeys, and othervalues. DMA security engine 138 protects DMA transactions. MMIO securityengine 140 protects MMIO transactions. After initialization is complete,computing device 100 generates DMA or MMIO transactions betweenprocessor 120 and accelerator 136, and the respective security engines138, 140 perform authenticated cryptographic operations (e.g.,authenticated encryption or authenticated decryption) on the transferreddata in-line. A block of multiple DMA and/or MMIO transactions may beprotected without re-initialization of security engines 138, 140. Asdescribed further below, security engines 138, 140 perform cryptographicoperations with low latency (e.g., 1-2 clock cycles) and high bandwidth,and without the need to buffer data prior to processing or to stall thedata transfers. Accordingly, computing device 100 provides securitywithout incurring significant additional overhead for data streamedbetween processor 120 and accelerator 136 as compared to existing,unsecured communications. Additionally, as described further below,computing device 100 provides protection against certain denial ofservice (DoS) attacks.

Computing device 100 may be embodied as any type of device capable ofperforming the functions described herein. For example, computing device100 may be implemented as, without limitation, a computer, a laptopcomputer, a tablet computer, a notebook computer, a mobile computingdevice, a smartphone, a wearable computing device, a multiprocessorsystem, a server, a workstation, and/or a consumer electronic device. Asshown in FIG. 1, the illustrative computing device 100 includesprocessor 120, input/output (I/O) subsystem 124, memory 130, and datastorage device 132. Additionally, in some embodiments, one or more ofthe illustrative components may be incorporated in, or otherwise form aportion of, another component. For example, memory 130, or portionsthereof, may be incorporated in processor 120 in some embodiments.

Processor 120 may be embodied as any type of processor capable ofperforming the functions described herein. For example, processor 120may be embodied as a single or multi-core processor(s), digital signalprocessor, microcontroller, or other processor or processing/controllingcircuit. As shown, processor 120 illustratively includes secure enclavesupport 122, which allows processor 120 to establish a trusted executionenvironment (TEE) known as a secure enclave, in which executing code maybe measured, verified, and/or otherwise determined to be authentic.Additionally, code and data included in the secure enclave may beencrypted or otherwise protected from being accessed by code executingoutside of the secure enclave. For example, code and data included inthe secure enclave may be protected by hardware protection mechanisms ofprocessor 120 while being executed or while being stored in certainprotected cache memory of the processor. The code and data included inthe secure enclave is encrypted when stored in a shared cache or mainmemory 130. Secure enclave support 122 is embodied as a set of processorinstruction extensions that allows the processor to establish one ormore secure enclaves in the memory 130. For example, in one embodimentthe secure enclave support 122 is embodied as Intel® Software GuardExtensions (SGX) technology.

Memory 130 may be embodied as any type of volatile or non-volatilememory or data storage capable of performing the functions describedherein. In operation, the memory 130 stores various data and softwareused during operation of computing device 100 such as operating systems,applications, programs, libraries, and drivers. As shown, memory 130 iscommunicatively coupled to the processor 120 via I/O subsystem 124,which is implemented as circuitry and/or components to facilitateinput/output operations with processor 120, memory 130, and othercomponents of the computing device. For example, the I/O subsystem 124may be embodied as, or otherwise include, memory controller hubs,input/output control hubs, sensor hubs, host controllers, firmwaredevices, communication links (i.e., point-to-point links, bus links,wires, cables, light guides, printed circuit board traces, etc.) and/orother components and subsystems to facilitate the input/outputoperations.

As shown, I/O subsystem 124 includes DMA security engine 126 and MMIOsecurity engine 128. Processor 120, including secure enclavesestablished with secure enclave support 122, communicates with theaccelerator using one or more DMA transactions using DMA security engine126 and/or using one or more MMIO transactions using MMIO securityengine 128. As described further below, the transactions arecryptographically protected using corresponding security engines 138,140 of accelerator 136. Computing device 100 may include multiple DMAsecurity engines 126 and/or MMIO security engines 128 for handling DMAand MMIO transactions, respectively, based on desired bandwidth betweenprocessor 120 and accelerator 136. Although illustrated as beingincluded in I/O subsystem 124, it should be understood that in someembodiments DMA security engine 126 and/or the MMIO security engine 128are included in other components of the computing device (e.g.,processor 120, memory controller, or system agent), or in someembodiments are implemented as separate components. Thus, in someembodiments, memory 130 may be directly coupled to processor 120, forexample via an integrated memory controller hub. Additionally, in someembodiments, I/O subsystem 124 forms a portion of a system-on-a-chip(SoC) and is incorporated, along with processor 120, memory 130,accelerator 136, and/or other components of the computing device, on asingle integrated circuit chip. Additionally or alternatively, in someembodiments processor 120 includes an integrated memory controller and asystem agent, which may be embodied as a logic block in which datatraffic from processor cores and I/O devices converges before being sentto memory 130.

Data storage device 132 may be embodied as any type of device or devicesconfigured for short-term or long-term storage of data such as, forexample, memory devices and circuits, memory cards, hard disk drives,solid-state drives, non-volatile flash memory, or other data storagedevices. Computing device 100 may also include communications subsystem134, which may be implemented as any communication circuit, device, orcollection thereof, capable of enabling communications between computingdevice 100 and other remote devices over a computer network (not shown).Communications subsystem 134 may be configured to use any one or morecommunication technology (e.g., wired or wireless communications) andassociated protocols (e.g., Ethernet, Bluetooth®, Wi-Fi®, WiMAX, 3G, 4GLTE, etc.) to implement such communication.

Accelerator 136 may be embodied as a FPGA, an application-specificintegrated circuit (ASIC), a coprocessor, or other digital logic devicecapable of performing accelerated functions (e.g., acceleratedapplication functions, accelerated network functions, or otheraccelerated functions). Illustratively, accelerator 136 is an FPGA,which is embodied as an integrated circuit including programmabledigital logic resources that may be configured after manufacture. TheFPGA includes, for example, a configurable array of logic blocks incommunication over a configurable data interchange. Accelerator 136 iscoupled to the processor 120 via a high-speed connection interface suchas a peripheral bus (e.g., a PCI Express bus) or an inter-processorinterconnect (e.g., an in-die interconnect (IDI) or QuickPathInterconnect (QPI)), or via any other appropriate interconnect.Accelerator 136 receives data and/or commands for processing fromprocessor 120 and return results data to the processor via DMA, MMIO, orother data transfers.

As shown, accelerator 136 includes DMA security engine 138 and secureMMIO security engine 140. As described further below, the securityengines perform in-line authenticated cryptographic operations on datatransferred between processor 120 and accelerator 136. Althoughillustrated as being included in accelerator 136, it should beunderstood that in some implementations security engines 138, 140 areincluded in other components of the computing device, or in someembodiments may be implemented as separate components.

As shown, computing device 100 further includes one or more peripheraldevices 142. Peripheral devices 142 include any number of additionalinput/output devices, interface devices, hardware accelerators, and/orother peripheral devices. For example, in some embodiments, peripheraldevices 142 include a touch screen, graphics circuitry, a graphicalprocessing unit (GPU) and/or processor graphics, an audio device, amicrophone, a camera, a keyboard, a mouse, a network interface, and/orother input/output devices, interface devices, and/or peripheraldevices.

Referring now to FIG. 2, an illustrative embodiment of MMIO securityengine 140 is shown. MMIO security engine 140 includes permutationcipher engine for MIMO 202. The permutation cipher engine for MIMO 202is embodied as digital logic resources that perform permutation cipherencryption. As shown, MMIO security engine 140 also includes registers206 and counters/control logic 208. MMIO security engine 140 receivesinput data and generates output data. The input data and output data areembodied as blocks of binary data. MMIO security engine 140 alsoreceives and/or asserts other data signals, including additionalauthenticated data (AAD), authentication tags (ATs), encryption keys,control signals, and/or other signals.

The particular number and/or arrangement of components of MMIO securityengine 140 may scale depending on the type of data transfer and/or theamount of data processed per transaction. For MMIO transfers, after thesetup phase, MMIO security engine 140 is ready for data transfers andproduces encrypted/decrypted output in the next clock cycle of a validinput (e.g., plaintext to ciphertext latency is 1 clock cycle andciphertext to plaintext latency is 1 clock cycle). MMIO security engine140 continually streams out encrypted/decrypted data in each clockcycle. MMIO security engine 140 processes 64 bits of data pertransaction (e.g., per clock cycle).

Referring now to FIG. 3, in an illustrative embodiment, computing device100 establishes a computing environment 300 during operation. Theillustrative environment 300 includes trusted execution environment(TEE) 302, initialization manager 304, transfer manager 306, and MIMOsecurity engine 140. The various components of environment 300 may beembodied as hardware, firmware, software, or a combination thereof. Assuch, in some embodiments, one or more of the components of environment300 are embodied as circuitry or a collection of electrical devices(e.g., trusted execution environment circuitry 302, initializationmanager circuitry 304, transfer manager circuitry 306, and/or MIMOsecurity engine circuitry 140). It should be appreciated that, in suchembodiments, one or more of trusted execution environment circuitry 302,initialization manager circuitry 304, transfer manager circuitry 306,and/or MIMO security engine circuitry 140 form a portion of processor120, I/O subsystem 124, accelerator device 136, and/or other componentsof computing device 100. Additionally, in some embodiments, one or moreof the illustrative components form a portion of another componentand/or one or more of the illustrative components are independent of oneanother.

Trusted execution environment 302 may be embodied as any trustedexecution environment of computing device 100 that is authenticated andprotected from unauthorized access using hardware support of computingdevice 100, such as secure enclave support 122 of processor 120.Illustratively, trusted execution environment 302 is a secure enclaveestablished using Intel SGX technology. As shown, trusted executionenvironment 302 includes initialization manager 302 and transfer manager306. In some embodiments, initialization manager 302 and the transfermanager 306 are included in separate trusted environments (e.g.,separate enclaves).

Initialization manager 304 is configured to initialize MIMO securityengine 140 with a secret key. The secret key may be provided by trustedexecution environment 302. Initializing MIMO security engine 140includes asserting a start signal to the MIMO security engine andinserting the key into permutation cipher engine for MMIO 202 inresponse to receiving the start signal. In this process the input keymay be expanded to the size of the underlying permutation state.However, if the key provided by initialization manager 304 has the samesize of the underlying permutation state then the key cannot be furtherexpanded Initializing MIMO security engine 140 further includesinitializing an initial counter block as a function of the IV inresponse to receiving the start signal, inserting a counter block basedon the initial counter block into one or more portions of permutationcipher engine for MMIO 202, executing a predetermined number ofpermutation cipher rounds (e.g., 12 rounds) with the permutation cipherengine for MMIO 202 in response to inserting the counter blocks, andasserting a ready signal by MIMO security engine 140 in response toexecuting the predetermined number of block cipher rounds.

Transfer manager 306 is configured to initiate a data transfer operationbetween trusted execution environment 302 and accelerator 136 inresponse to initializing the MIMO security engine. In some embodiments,the data transfer operation is a MMIO transaction with a single inputdata block. For MMIO transactions, transfer manager 306 may be furtherconfigured to calculate, by trusted execution environment 302, anexpected authentication tag (AT) value for the data transfer operationand to write, by trusted execution environment 302, the expectedauthentication tag value to MIMO security engine 140.

MIMO security engine 140 is configured to perform an authenticatedcryptographic operation for the data transfer operation in response toinitiating the data transfer operation. The authenticated cryptographicoperation may be embodied as a 64-bit permutation cipher cryptographicoperation including authenticated encryption or authenticateddecryption. Here “64-bit” means that the output of the permutationfunction has 64 bits to support 64-bit MMIO word-sized transactions.However, the permutation function itself may have larger state sizes;for example, 257 bits, 384 bits, 400 bits, 800 bits, 1,600 bits etc.

For MMIO operations, performing the authenticated cryptographicoperation includes performing a cryptographic operation with permutationcipher engine for MMIO 202 on the input data block to generate an outputdata block and generating a final authentication tag value based on aMIMO block (e.g., the plaintext data block for encryption or theciphertext data block for decryption). MIMO security engine 140 comparesthe final authentication tag value to an expected authentication tagvalue written by the trusted execution environment 302.

As used herein, the initialization vector (IV) is a nonce valueassociated with a particular block of MMIO transactions. The secret keyis any symmetric encryption key used to protect data transferred betweenprocessor 120 and accelerator 136. In an embodiment, the secret keycomprises at least 128 bits. The additional authenticated data (AAD)comprises any addressing data, metadata, or other data related to a MMIOtransaction that will be authenticated but not encrypted by MMIOsecurity engine 140. The keystream is the output data from performing anexclusive-OR (XOR) operation on the plaintext data and the output ofpermutation cipher pipeline 1 406 described below on a count and thesecret key. In one embodiment, the authentication tag is 64 bits.

MMIO communication between processor 120 and accelerator 136 carrieseither 32-bit data or 64-bit data with up to 128-bits of additionalauthenticated data (AAD). Confidentiality and integrity protections areprovided to each MMIO transaction independently. There might beindependent MMIO transactions in consecutive cycles. This requires anencryption and authentication tag computation technique with anencrypted/decrypted value and tag in every cycle that can accommodate upto 64-bit data with 128-bit AAD and compute the correspondingauthentication tag. In an embodiment, the encryption and authenticationtag computation technique comprise a plurality of 64-bit permutationciphers authentication scheme.

Permutation functions are useful to encrypt data as well as to provideintegrity protections. The technology described herein does not requireadditional primitives (such as one or more Galois field multipliers) toprovide encryption and integrity protections. In an embodiment, the samepermutation cipher pipeline is used for both encryption and decryption.The technique described herein can be built with any 64-bit permutationcipher. In one embodiment, the permutation cipher used for permutationcipher engine for MIMO 202 is as described in “GIMLI” by Daniel J.Bernstein, et al., University of Illinois at Chicago, Mar. 29, 2019. Inanother embodiment, the permutation cipher used for permutation cipherengine for MIMO 202 is as described in “Xoodoo Cookbook” by Joan Daemen,et al., Radboud University, 2018. In another embodiment, the permutationcipher used for permutation cipher engine for MIMO 202 is as describedin “The Subterranean 2.0 Cipher Suite” by Joan Daemen, et al., RadboudUniversity, Mar. 20, 20219. In another embodiment, the permutationcipher used for permutation cipher engine for MIMO 202 is as describedin “Federal Information Processing Standards (FIPS) Publication (pub)202: SHA-3 Standard: Permutation-Based Hash and Extendable OutputFunctions,” National Institute of Standards and Technology, August 2015.Other permutation ciphers now know or hereafter developed may also beused.

Embodiments of permutation cipher engine for MMIO 202 take an IV and akey as input when the start of the engine is asserted. Once thepermutation cipher engine for MMIO 202 is ready, the latency of theauthentication tag computation is the ultimate latency added from datainput to output. This latency includes the latency of the 64-bitpermutation cipher pipelines (2-6 cycles)+2 XORs, which results in 3-7cycles latency from data input to data output. In one embodiment, apermutation cipher is implemented with a depth-2 pipeline. In this case,the initial setup of the permutation cipher engine takes two cycles anddata input to output has a latency of 3 cycles.

In one embodiment, permutation cipher engine for MMIO 202 is implementedwith two 64-bit permutation cipher pipelines to support throughput up toa 64-bit MMIO message transfer in each clock cycle. This allows thepermutation cipher engine for MMIO 202 to have throughput with inlinebus speed without any buffering. The permutation cipher engine for MMIO202 supports up to 128-bit AAD (e.g., metadata). If a longer AAD isdesired, then additional permutation cipher engines may need to be addedfor which latency will be increased while maintaining the samethroughput. However, if the permutation cipher has larger state sizessuch as 800-bit and 1,600-bit, then AAD can be increased up to 512-bitand 1024-bit, respectively.

In one embodiment, the encrypted data and the authentication tag iscomputed in Equation 1 as:

State_init=key∥count∥pad

State_1=permutation (State_init)

Ciphertext Data =State_1_(L64){circumflex over ( )}Plaintext Data

Tag=LSB₆₄ after permutation (State_1 XOR {Plaintext Data ∥AAD ∥pad}),

State represents the state variable of the permutation function. Theinitial state (State_init) is formed by concatenating the key followedby the count, followed by the pad (0*). The underlying permutationfunction is performed on the initial state variable and the State_1 iscomputed. The ciphertext data 412 is computed as the XOR between theleast significant 64 bits of the State_1 and the 64-bit plaintext data408. The least significant 64 bits of the final state variable comprisesthe tag value 446 used for authentication of plaintext data 408.

A 32-bit IV is the input data for the permutation cipher engine for MMIO202 and the permutation cipher engine forms the 64-bit initial Countvalue as:

Count=32-bit all-0∥32-bit IV

The Count for each new data processing is updated as follows:

Count=(Count_(63:0)+1-bit “1”). In other words, in this update, the IVis incremented by 1.

FIG. 4 is a block diagram of an encryption engine 400 according to oneor more embodiments. In one embodiment, encryption engine 400 is animplementation of permutation cipher engine for MMIO 202 of FIG. 2. FIG.4 shows the encryption engine 400 that provides for encryption of one64-bit plaintext data 408 with an associated 64-bit authentication tag446 in each clock cycle. Plaintext data 408 (64 bits) is input toconcatenation (“∥”) operation 416 along with the additionalauthentication data (AAD) (e.g., 128 bits) 414 to produce, for example,a 192-bit concatenation result. In one embodiment, the plaintext data isconcatenated to the AAD. In another embodiment, the AAD is concatenatedto the plaintext data. Secret key 402 and count 404 are input to 64-bitpermutation cipher pipeline 1 406. 64-bit permutation cipher pipeline 1406 defuses the count and key into a permutation state. 64-bitpermutation cipher pipeline 1 406 and 64-bit permutation cipher pipeline2 420 are implementations of one of the permutation ciphers describedabove (e.g., GIMLI, Xoodoo, Subterranean, Keccak, etc.). As used herein,the variable N represents the state size of the permutation cipher. Forexample, N=384 for GIMLI and Xoodoo permutation ciphers, N=257 for theSubterranean permutation cipher, and N=1,600 for the Keccak permutationcipher. Regardless of the permutation cipher implemented in 64-bitpermutation cipher pipeline 1 406, only the least significant 64 bits ofthe result of the permutation cipher pipeline 1 (e.g., the permutationstate) are input to exclusive-OR (XOR₁) 410.XOR₁ 410 also takesplaintext data 408 as input data. The result of XOR₁ 410 is 64-bitciphertext data 412.

All N bits output from 64-bit permutation cipher pipeline 1 406 (e.g.,the permutation state) are passed to XOR₂ 418. XOR₂ 418 also takes asinput the 192-bit concatenation result of plaintext data 408 and AAD414. The result of XOR₂ is input to 64-bit permutation cipher pipeline 2420 along with key 402. The result of processing the 64-bit permutationcipher pipeline 2 420 is the 64-bit authentication tag (AT) 446. Thecount is incremented for processing of the next 64-bit data in the nextclock cycle.

FIG. 5 is a block diagram of a decryption engine 500 according to one ormore embodiments. In one embodiment, decryption engine 500 is animplementation of 64-bit block cipher engine for MMIO 202 of FIG. 2.FIG. 5 shows the decryption engine 500 that provides for decryption ofone 64-bit ciphertext data 412 with an associated 64-bit authenticationtag 502 in each clock cycle. Ciphertext data 412 is input to XOR₁ 410along with N bits of the output of 64-bit permutation cipher pipeline 1406 (which defuses on key 402 and count 404) to produce 64-bits ofplaintext data 408 as a permutation state. Other components shown for64-bit permutation cipher engine for MMIO 202 are used to generateauthentication tag 502 in processing similar to that described above inFIG. 4. In particular, plaintext data 408 is concatenated 416 with AAD414 and the 192-bit concatenation result is input to XOR₂ 418 (alongwith the latest permutation state).

Additionally, to provide minimal performance overhead, 64-bit blockcipher engine for MMIO 202 engines include the following features.Embodiments provide for in-line encryption: data is processed as thedata is transferred. There is no need to buffer data for processing norto stall transfers to allow for data processing. Embodiments provide forinitial latency to be hidden during setup processing: the keystream andthe count are derived inside the engine from the secret key and the IVbefore starting the data transfer so the sending and receiving devicesdo not perceive the setup clocks as extra latency during data transferEmbodiments provide for generation of an on-time authentication tag:MMIO transactions that must be validated in each transaction transfer asmall amount of data before execution. For a permutation cipherimplementation, the authentication tag is computed on each individualAAD and data in each cycle.

Referring now to FIG. 6, in use, in one embodiment computing device 100executes method 600 for low-latency cryptography processing forprocessor-accelerator communication for a block of MMIO transactions. Itshould be appreciated that, in some embodiments, the operations ofmethod 600 are performed by one or more components of computingenvironment 300 of computing device 100 as shown in FIG. 3. The methodbegins in block 602, in which computing device 100 initializes MIMOsecurity engine 140 using an initialization vector IV and a secret keyK. The IV is a nonce value associated with a particular block of MMIOtransactions. MIMO security engine 140 may be initialized, for example,in response to a signal from processor 120 caused by trusted executionenvironment 302.

The value for IV may be determined according to one or more AES-GCMspecifications. The secret key K may be embodied as any symmetricencryption key used to protect data transferred between the processor120 and the accelerator 136. During initialization, MIMO security engine140 pre-computes values, primes encryption pipelines, and otherwiseprepares to process data transfers. Initializing the MIMO securityengine may hide pipeline latency or other latency associated with theMIMO security engine 140. In one embodiment, initialization may require2 clock cycles for MMIO.

In block 610, MIMO security engine 140 checks for input MMIO data. TheMMIO data may be embodied as 32 bits or 64 bits of data. In block 612,MIMO security engine 140 determines whether input data has beenreceived. If so, the method branches to block 616, described below. Ifno input data was received, the method loops back to block 610 tocontinue checking for input MMIO data.

At block 616, MIMO security engine 140 performs a cryptographicoperation on the input data block. In some embodiments, in block 618 theMIMO security engine 140 encrypts the input data. For example, the MIMOsecurity engine encrypts plaintext data 408 received from accelerator136 before the data is transferred to processor 120, as in an MMIO readresponse. In some embodiments, in block 620 the MIMO security engine 200decrypts the input data. For example, the MIMO security engine 140decrypts ciphertext data 412 received from processor 120 before the datais transferred to accelerator 136, as in an MMIO write.

In block 622, MIMO security engine 140 generates an authentication tag(AT) 446 or 502 based on the ciphertext (encrypted) or plaintext(decrypted) block(s). The ciphertext blocks are the input data to MIMOsecurity engine 140 (e.g., for decryption operations) or the output datafrom the MIMO security engine (e.g., for encryption operations). The ATis generated using multiple permutation cipher pipelines 40, 420 and oneor more other values (e.g., ciphertext/plaintext, additionalauthenticated data (AAD), etc.). As described further below, the AT isused by processor 120 and/or accelerator 136 to verify that an MMIOtransaction was authentic and unaltered. After performing thecryptography operation and the authentication operation, the method 600loops back to block 610 to continue monitoring for input MMIO data.

Referring now to FIG. 7, in use, in one embodiment computing device 100executes a method 700 for MMIO transaction block management. It shouldbe appreciated that, in some embodiments, the operations of the method700 are performed by one or more components of computing environment 300of computing device 100 as shown in FIG. 3, such as trusted executionenvironment 302. The method 700 begins in block 702, in which processor120 asserts a start signal to MMIO security engine 140. The processorprovides the initialization vector IV, secret key K 402, and additionalauthenticated data (AAD) to MMIO security engine 140. The processor mayuse any technique to security communicate that data to MMIO securityengine 140. As described above, IV is a nonce value associated with ablock of MMIO transactions and is started with a random 32-bit input tothe engine and is updated for each MMIO transaction (based onCount=(Count_(63:0)+1-bit “1”)). The secret key K is embodied as anysymmetric encryption key used to protect data transferred betweenprocessor 120 and accelerator 136. The key K may be protected fromunauthorized disclosure by trusted execution environment 302, forexample by being maintained in a secure enclave established using secureenclave support 122 of processor 120. The AAD is any addressing data,metadata, or other data related to the MMIO transaction that will beauthenticated but not encrypted by MMIO security engine 140. In responseto the start signal, the MMIO security engine performs an initializationprocess as described above.

In block 704, processor 120 waits for a ready for data signal to beasserted by the MMIO security engine 140. As described above, the readyfor data signal is asserted when the MMIO security engine 140 completesits initialization process. Processor 120 may poll, wait for aninterrupt, or otherwise monitor for the ready for data signal. After theready for data signal is asserted, the method 700 proceeds to block 706.

In block 706, the processor loads an expected value of theauthentication tag (AT) for an MMIO request into a register 206 of MMIOsecurity engine 140. The MMIO request is an MMIO write request or anMMIO read request. The AT is determined by the processor, for example,by trusted execution environment 302, based on 64-bit block cipherengine for MMIO 202. The expected AT depends upon the ciphertext andadditional authenticated data (AAD) of the MMIO request. If theciphertext is not known ahead of time, for example for MMIO readrequests, the authentication AT is based on AAD with no ciphertext(e.g., ciphertext of length zero) or with a predetermined constantciphertext or other known value of ciphertext (e.g., a zero block). Asdescribed further below, MMIO read responses are generated byaccelerator 136, and thus the processor does not predetermine an AT forMMIO read responses.

In block 708, method 700 switches based on whether the MMIO request isan MMIO write request or an MMIO read request. If the MMIO request is aread request, the method branches to block 714, described below. If theMMIO request is a write request, the method branches to block 710.

In block 710, the processor sends an MMIO write request to MMIO securityengine 140, including ciphertext data to be written to accelerator 136.As described further below, the ciphertext data is decrypted by MMIOsecurity engine 140 and transferred to accelerator 136. The MMIO writerequest is issued by processor 120 using MMIO security engine 128 orother components of the processor or SoC. MMIO requests are performedwith small (e.g., 64-bit) payloads, and there may be an MMIO requestevery clock cycle that requires confidentiality and integrityprotection. The execution of an MMIO transaction is conditional on theintegrity of the MMIO transaction request. The MMIO request includes anaddress in MMIO space, encrypted data, or other data associated with theMMIO request.

In block 712, the processor securely reads a fail flag from MMIOsecurity engine 140. As described further below, for MMIO write requeststhe MMIO security engine calculates a final AT value and compares thefinal AT value to the expected AT value provided by the processor inconnection with block 706. If the final AT value and the expected ATvalue do not match, then secure MMIO security engine 140 sets the failflag. After reading the fail flag, the method advances to block 722.

In block 722, the processor checks whether the MMIO write request wassuccessfully performed (e.g., whether or not the fail flag was set). Ifthe write was not successful, method 700 branches to block 724, in whichthe processor indicates an authentication error. Referring back to block722, if the MMIO write request was successfully performed, the methodloops back to block 706, in which the processor may perform additionalMMIO requests.

Referring back to block 708, if the MMIO request is a read request, themethod branches to block 714, in which the processor sends an MMIO readrequest. The MMIO read request may be issued by processor 120 using theMMIO security engine 128 or other components of the processor or SoC. Asdescribed above, MMIO requests are typically performed with small (e.g.,64-bit) payloads, and there may be an MMIO request every clock cyclethat requires confidentiality and integrity protection. The execution ofthe MMIO transaction is conditional on the integrity of the MMIOtransaction request. The MMIO read request includes an address in MMIOspace or other data associated with the MMIO read request.

In some embodiments, in block 716, the processor securely reads a failflag from the MMIO security engine 140. As described further below, forMMIO read requests the MMIO security engine 140 calculates a final ATvalue and compares the final AT value to the expected AT value providedby the processor in connection with block 706. If the final AT value andthe expected AT value do not match, then the MMIO security engine 140sets the fail flag.

In block 718 the processor may receive an MMIO read response withciphertext data from the MMIO security engine 140. The ciphertext datais generated by the MMIO security engine 140, which reads plaintext datafrom the accelerator. In some embodiments, the MMIO read response isreceived only if the MMIO read request was successful. Additionally oralternatively, in some embodiments an arbitrary MMIO read response isreturned if the MMIO read request was not successful. Additionally oralternatively, in some embodiments a poisoned MMIO read response isreturned if the MMIO read request was not successful. The poisonedresponse and AT are calculated to guarantee the AT generated by the MMIOsecurity engine 140 mismatches the AT calculated by the processor on thepoisoned response. Additionally or alternatively, although illustratedas being performed by the same MMIO security engine 140, in someembodiments, a different MMIO security engine 140 processes MMIOtransactions in each direction. For example, two different MMIO securityengines 140 process MMIO requests (read requests and write requests) andMMIO read responses, respectively.

In block 720 the processor reads a final AT value from the MMIO securityengine 140 and compares that value to an AT value for the MMIO readresponse calculated by the processor. The calculated AT value isdetermined by processor 120 based on the ciphertext received in the MMIOread response. If the final AT value matches the calculated AT value,then the MMIO read response was performed successfully. If the final ATvalue does not match the calculated AT value, then either the MMIO readresponse was not performed successfully or the MMIO read request was notperformed successfully. For example, as described further below, if theMMIO read request is not successful, the MMIO security engine 140returns an arbitrary MMIO read response and a poisoned AT value thatdoes not match the MMIO read response.

In block 722 processor 120 checks whether the MMIO read request wassuccessfully performed. For example, the processor determines whether ornot the fail flag was set after sending the MMIO read request and/or theprocessor determines whether the AT received from the MMIO securityengine 140 matches the calculated AT for the MMIO read response. If theMMIO read request was not successful, the method 700 branches to block724, in which the processor indicates an authentication (AUTH) error.Referring back to block 722, if the MMIO read request was successfullyperformed, the method loops back to block 706, in which the processormay perform additional MMIO requests.

FIG. 8 discloses a method 800 for performing secure MMIO transactions,including MMIO read requests, MMIO write requests, and/or MMIO readresponses. It should be appreciated that, in some embodiments, theoperations of method 800 may be performed by one or more components ofcomputing environment 300 of computing device 100 as shown in FIG. 3,such as MIMO security engine 140. The method begins in block 804, whereMMIO security engine 140 determines whether an MMIO transaction has beenreceived. The MMIO transaction may be an MMIO read request, an MMIOwrite request, or an MMIO read response. MMIO read requests and MMIOwrite requests may be received from processor 120, and MMIO readresponses may be received from accelerator 136. Additionally oralternatively, as described above, in some embodiments separate MMIOsecurity engines 140 may receive MMIO requests (MMIO read requests andMMIO write requests) and MMIO read responses, respectively. If no MMIOtransaction was received, method 800 loops back to block 804 to continuewaiting for MMIO transactions. If an MMIO transaction is received, thenthe method 800 advances to block 806.

In block 806, the MMIO security engine 140 bitwise exclusive ORs (XOR,or the symbol ⊕) the input data block with 64 bits of the current output(e.g., permutation state) of 64-bit permutation cipher pipeline 1 406.The input data block may be 32 bits or 64 bits in length. Thus, XORingthe 64 bits of the output of the 64-bit permutation cipher pipeline 1406 with the input data performs a cryptographic operation on the inputdata. In some embodiments, in block 808 MMIO security engine 140decrypts ciphertext C data 412 to generate plaintext P data 408, forexample when processing an MMIO write request from the processor. Inthat example, the MMIO security engine 140 calculates P=C⊕406. In someembodiments, in block 810 MMIO security engine 140 performs anencryption operation with a predetermined constant ciphertext C or anempty ciphertext C, for example when processing an MMIO read requestfrom the processor. The predetermined ciphertext C may be, for example,a block of data with each bit set to zero. In that example, the MMIOread request does not include a data payload, and thus the cryptographicoperation may be performed to facilitate generation of theauthentication tag (AT) 446. In some embodiments, in block 812 MMIOsecurity engine 140 encrypts plaintext P data 408 to generate ciphertextC data 412, for example when processing an MMIO read response fromaccelerator 136. In that example, MMIO security engine 140 calculatesC=P⊕406.

In block 814, MMIO security engine 140 generates a final authenticationtag (AT) 446 for the MMIO transaction. The generation of final AT 446 isperformed according to Equation 1 described above. In block 816, MMIOsecurity engine 140 concatenates the incoming MMIO data block (e.g.,either 64-bit plaintext data 408 or 64-bit ciphertext data 412) with the128-bit AAD 414. As described above, in some embodiments the ciphertextC data may be a predetermined constant value (e.g., a zero block) forMMIO read requests or other transactions that do not include a datapayload. In block 818, the MMIO security engine 140 performs a bitwiseXOR (XOR₂ 418) of the concatenation results with N bits of the output offirst permutation pipeline 1 406 (e.g., latest permutation state). Atblock 819, MMIO security engine 140 performs 64-bit permutation cipherpipeline 2 420 on the result of XOR₂ 418 and key 402. The result of the64-bit permutation cipher pipeline 2 420 is tag 446 (or tag 502 fordecryption).

When input data is received during a clock cycle, the ciphertext data412/plaintext data 408 and the AT 446/502 are generated in three toseven cycles later based on the underlying permutation function and itsrespective pipeline design.

In block 820, MMIO security engine 140 determines whether the final ATvalue 446 matches an AT value stored in a register by processor 120before the MMIO transaction. As described above in connection with FIG.7, the processor may write the expected AT value before issuing an MMIOwrite request or an MMIO read request. If the final AT value does notmatch the expected AT value, then an error or attempted attack (e.g.,attempted splicing attack or DoS attack) may have occurred. For example,writes to the AT register and MMIO transaction requests may benon-atomic, which may allow an attacker to write an incorrect value tothe AT register and/or send a false MMIO request. In thosecircumstances, the AT values would not match, indicating a potentialattack. As another example, a malicious actor may submit an improperMMIO transaction request (e.g., an MMIO transaction request with anincorrect AT). In block 822, MMIO security engine 140 checks whether theAT values match. If not, the method 800 branches to block 830, describedbelow. If the AT values match, the method 800 branches to block 824. Itshould be understood that for MMIO read responses generated byaccelerator 136, processor 120 does not write an expected AT value andthus the MMIO security engine 140 may not check AT values. If no ATcheck is performed, the method 800 advances to block 824.

In block 824, MMIO security engine 140 updates the IV. For a blockedsession of multiple MMIO transactions, the value for IV may beincremented for each MMIO transaction. Method 800 loops back to block804 to process additional MMIO transactions.

Referring back to block 822, if the AT value written by the processorand the final AT value generated by the MMIO security engine 140 do notmatch, the method branches to block 830, in which the MMIO securityengine sets the fail flag. In response to a mismatch, MMIO securityengine 140 may drop packets or otherwise prevent the MMIO transactionfrom reaching accelerator 136. Thus, MMIO security engine 140 mayprevent splicing or spoofing attacks and other improperly formed MMIOrequests. For a mismatched MMIO read request, MMIO security engine 140may send an arbitrary MMIO read response and store a poisoned AT (e.g.,a mismatched AT or other AT that indicates failure) that may allow theprocessor to detect the authentication failure. Additionally oralternatively, storing a poisoned AT may not be necessary if theprocessor checks the fail flag for success of the MMIO read request.Note that in the case of an AT mismatch, MMIO security engine 140 doesnot update the IV. Thus, the state of secure MMIO security engine 140 isunchanged, and processor 120 (e.g., trusted execution environment 302)and the MMIO security engine remain synchronized for future MMIOtransactions. Accordingly, by avoiding the need to re-synchronize afteran incorrect AT and/or MMIO transaction, the MMIO security engineprevents certain denial-of-service (DoS) attacks without additionalperformance overhead. After setting the fail flag, method 800 loops backto block 804 in which secure MMIO security engine 140 processesadditional MMIO transactions.

It should be appreciated that, in some embodiments, the methods 600,700, and/or 800 are embodied as various instructions stored on acomputer-readable media, which are executed by processor 120, I/Osubsystem 124, MMIO security engine 140, accelerator 136, and/or othercomponents of computing device 100 to cause the computing device toperform the respective method 600, 700, and/or 800. Thecomputer-readable media may be embodied as any type of media capable ofbeing read by computing device 100 including, but not limited to, memory130, data storage device 132, firmware devices, other memory or datastorage devices of the computing device, portable media readable by aperipheral device 142 of the computing device, and/or other media.

The following examples pertain to further embodiments.

Example 1 is an apparatus including a first permutation pipeline todefuse a count and a key into a permutation state; a first exclusive-OR(XOR) to generate ciphertext data from 64-bits of the permutation stateand plaintext data; a concatenator to concatenate the plaintext data andadditional authenticated data (AAD) to produce a concatenation result; asecond XOR to generate an XOR result from the concatenation result andthe permutation state; and a second permutation pipeline to generate anauthentication tag of the XOR result and the key.

In Example 2 the subject matter of Example 1 can optionally includewherein the apparatus generates the ciphertext data and theauthentication tag in one clock cycle with no buffering of plaintextdata.

In Example 3 the subject matter of Example 1 can optionally includewherein the plaintext data, the ciphertext data, and the authenticationtag comprise 64 bits.

In Example 4 the subject matter of Example 3 can optionally includewherein the AAD comprises 128 bits and the concatenation resultcomprises 192 bits.

In Example 5 the subject matter of Example 1 can optionally includewherein the first permutation pipeline and the second permutationpipeline comprise GIMLI permutation ciphers, Xoodoo permutation ciphers,Subterranean permutation ciphers, or Keccak permutation ciphers.

In Example 6 the subject matter of Example 5 can optionally includewherein when the first permutation pipeline and the second permutationpipeline comprise GIMLI permutation ciphers or Xoodoo permutationciphers, and a size of the permutation state processed by the second XORis 384 bits.

In Example 7 the subject matter of Example 5 can optionally includewherein when the first permutation pipeline and the second permutationpipeline comprise Subterranean permutation ciphers, and a size of thepermutation state processed by the second XOR is 257 bits.

In Example 8 the subject matter of Example 5 can optionally includewherein when the first permutation pipeline and the second permutationpipeline comprise Keccak permutation ciphers, and a size of thepermutation state processed by the second XOR is 1,600 bits.

Example 9 is an apparatus including a first permutation pipeline todefuse a count and a key into a permutation state; a first exclusive-OR(XOR) to generate plaintext data from 64-bits of the permutation stateand ciphertext data; a concatenator to concatenate the plaintext dataand additional authenticated data (AAD) to produce a concatenationresult; a second XOR to generate an XOR result from the concatenationresult and the permutation state; and a second permutation pipeline togenerate an authentication tag of the XOR result and the key.

In Example 10 the subject matter of Example 9 can optionally includewherein the apparatus generates the ciphertext data and theauthentication tag in one cycle with no buffering of plaintext data.

In Example 11 the subject matter of Example 9 can optionally includewherein the first permutation pipeline and the second permutationpipeline comprise GIMLI permutation ciphers, Xoodoo permutation ciphers,Subterranean permutation ciphers, or Keccak permutation ciphers.

In Example 12 the subject matter of Example 11 can optionally includewherein when the first permutation pipeline and the second permutationpipeline comprise GIMLI permutation ciphers or Xoodoo permutationciphers, and a size of the permutation state processed by the second XORis 384 bits.

In Example 13 the subject matter of Example 11 can optionally includewherein when the first permutation pipeline and the second permutationpipeline comprise Subterranean permutation ciphers, and a size of thepermutation state processed by the second XOR is 257 bits.

In Example 14 the subject matter of Example 11 can optionally includewherein when the first permutation pipeline and the second permutationpipeline comprise Keccak permutation ciphers, and a size of thepermutation state processed by the second XOR is 1,600 bits.

Example 15 is a method including the steps of defusing a count and a keyby a first permutation cipher pipeline into a permutation state;generating ciphertext data by a first exclusive-OR (XOR) from 64-bits ofthe permutation state and plaintext data; concatenating the plaintextdata and additional authenticated data (AAD) to produce a concatenationresult; generating an XOR result by a second XOR from the concatenationresult and the permutation state; and generating an authentication tagby a second permutation pipeline from the XOR result and the key.

In Example 16 the subject matter of Example 15 can optionally includegenerating the ciphertext data and the authentication tag in one clockcycle with no buffering of plaintext data.

In Example 17 the subject matter of Example 15 can optionally includewherein the plaintext data, the ciphertext data, and the authenticationtag comprise 64 bits.

In Example 18 the subject matter of Example 15 can optionally includewherein the AAD comprises 128 bits and the concatenation resultcomprises 192 bits.

In Example 19 the subject matter of Example 15 can optionally includewherein the first permutation pipeline and the second permutationpipeline comprise GIMLI permutation ciphers, Xoodoo permutation ciphers,Subterranean permutation ciphers, or Keccak permutation ciphers.

In Example 20 the subject matter of Example 19 can optionally includewherein when the first permutation pipeline and the second permutationpipeline comprise GIMLI permutation ciphers or Xoodoo permutationciphers, and a size of the permutation state processed by the second XORis 384 bits.

In Example 21 the subject matter of Example 19 can optionally includewherein when the first permutation pipeline and the second permutationpipeline comprise Subterranean permutation ciphers, and a size of thepermutation state processed by the second XOR is 257 bits.

In Example 22 the subject matter of Example 19 can optionally includewherein when the first permutation pipeline and the second permutationpipeline comprise Keccak permutation ciphers, and a size of thepermutation state processed by the second XOR is 1,600 bits.

Example 23 is a method including the steps of defusing a count and a keyby a first permutation cipher pipeline into a permutation state;generating plaintext data by a first exclusive-OR (XOR) from 64-bits ofthe permutation state and ciphertext data; concatenating the plaintextdata and additional authenticated data (AAD) to produce a concatenationresult; generating an XOR result by a second XOR from the concatenationresult and the permutation state; and generating an authentication tagby a second permutation pipeline from the XOR result and the key.

In Example 24 the subject matter of Example 23 can optionally includegenerating the ciphertext data and the authentication tag in one clockcycle with no buffering of plaintext data.

In Example 25 the subject matter of Example 23 can optionally includewherein the first permutation pipeline and the second permutationpipeline comprise GIMLI permutation ciphers, Xoodoo permutation ciphers,Subterranean permutation ciphers, or Keccak permutation ciphers.

Example 26 is an apparatus including means for defusing a count and akey by a first permutation cipher pipeline into a permutation state;means for generating ciphertext data by a first exclusive-OR (XOR) from64-bits of the permutation state and plaintext data; means forconcatenating the plaintext data and additional authenticated data (AAD)to produce a concatenation result; means for generating an XOR result bya second XOR from the concatenation result and the permutation state;and means for generating an authentication tag by a second permutationpipeline from the XOR result and the key.

Example 23 is an apparatus including means for defusing a count and akey by a first permutation cipher pipeline into a permutation state;means for generating plaintext data by a first exclusive-OR (XOR) from64-bits of the permutation state and ciphertext data; means forconcatenating the plaintext data and additional authenticated data (AAD)to produce a concatenation result; means for generating an XOR result bya second XOR from the concatenation result and the permutation state;and means for generating an authentication tag by a second permutationpipeline from the XOR result and the key.

1. An apparatus comprising: a first permutation pipeline to defuse acount and a key into a permutation state; a first exclusive-OR (XOR) togenerate ciphertext data from 64-bits of the permutation state andplaintext data; a concatenator to concatenate the plaintext data andadditional authenticated data (AAD) to produce a concatenation result; asecond XOR to generate an XOR result from the concatenation result andthe permutation state; and a second permutation pipeline to generate anauthentication tag of the XOR result and the key.
 2. The apparatus ofclaim 1, wherein the apparatus generates the ciphertext data and theauthentication tag in one clock cycle with no buffering of plaintextdata.
 3. The apparatus of claim 1, wherein the plaintext data, theciphertext data, and the authentication tag comprise 64 bits.
 4. Theapparatus of claim 3, wherein the AAD comprises 128 bits and theconcatenation result comprises 192 bits.
 5. The apparatus of claim 1,wherein the first permutation pipeline and the second permutationpipeline comprise GIMLI permutation ciphers, Xoodoo permutation ciphers,Subterranean permutation ciphers, or Keccak permutation ciphers.
 6. Theapparatus of claim 5, wherein when the first permutation pipeline andthe second permutation pipeline comprise GIMLI permutation ciphers orXoodoo permutation ciphers, and a size of the permutation stateprocessed by the second XOR is 384 bits.
 7. The apparatus of claim 5,wherein when the first permutation pipeline and the second permutationpipeline comprise Subterranean permutation ciphers, and a size of thepermutation processed by the second XOR is 257 bits.
 8. The apparatus ofclaim 5, wherein when the first permutation pipeline and the secondpermutation pipeline comprise Keccak permutation ciphers, and a size ofthe permutation state processed by the second XOR is 1,600 bits.
 9. Anapparatus comprising: a first permutation pipeline to defuse a count anda key into a permutation state; a first exclusive-OR (XOR) to generateplaintext data from 64-bits of the permutation state and ciphertextdata; a concatenator to concatenate the plaintext data and additionalauthenticated data (AAD) to produce a concatenation result; a second XORto generate an XOR result from the concatenation result and thepermutation state; and a second permutation pipeline to generate anauthentication tag of the XOR result and the key.
 10. The apparatus ofclaim 9, wherein the apparatus generates the ciphertext data and theauthentication tag in one clock cycle with no buffering of plaintextdata.
 11. The apparatus of claim 9, wherein the first permutationpipeline and the second permutation pipeline comprise GIMLI permutationciphers, Xoodoo permutation ciphers, Subterranean permutation ciphers,or Keccak permutation ciphers.
 12. The apparatus of claim 11, whereinwhen the first permutation pipeline and the second permutation pipelinecomprise GIMLI permutation ciphers or Xoodoo permutation ciphers, and asize of the permutation state processed by the second XOR is 384 bits.13. The apparatus of claim 11, wherein when the first permutationpipeline and the second permutation pipeline comprise Subterraneanpermutation ciphers, and a size of the permutation state processed bythe second XOR is 257 bits.
 14. The apparatus of claim 11, wherein whenthe first permutation pipeline and the second permutation pipelinecomprise Keccak permutation ciphers, and a size of the encrypted countprocessed by the second XOR is 1,600 bits.
 15. A method comprising:defusing a count and a key by a first permutation pipeline into apermutation state; generating ciphertext data by a first exclusive-OR(XOR) from 64-bits of the permutation state and plaintext data;concatenating the plaintext data and additional authenticated data (AAD)to produce a concatenation result; generating an XOR result by a secondXOR from the concatenation result and the permutation state; andgenerating an authentication tag by a second permutation pipeline fromthe XOR result and the key.
 16. The method of claim 15, comprisinggenerating the ciphertext data and the authentication tag in one clockcycle with no buffering of plaintext data.
 17. The method of claim 15,wherein the plaintext data, the ciphertext data, and the authenticationtag comprise 64 bits.
 18. The method of claim 17, wherein the AADcomprises 128 bits and the concatenation result comprises 192 bits. 19.The method of claim 15, wherein the first permutation pipeline and thesecond permutation pipeline comprise GIMLI permutation ciphers, Xoodoopermutation ciphers, Subterranean permutation ciphers, or Keccakpermutation ciphers.
 20. The method of claim 19, wherein when the firstpermutation pipeline and the second permutation pipeline comprise GIMLIpermutation ciphers or Xoodoo permutation ciphers, and a size of thepermutation state processed by the second XOR is 384 bits.
 21. Themethod of claim 19, wherein when the first permutation pipeline and thesecond permutation pipeline comprise Subterranean permutation ciphers,and a size of the permutation state processed by the second XOR is 257bits.
 22. The method of claim 19, wherein when the first permutationpipeline and the second permutation pipeline comprise Keccak permutationciphers, and a size of the permutation state processed by the second XORis 1,600 bits.
 23. A method comprising: defusing a count and a key by afirst permutation cipher pipeline into a permutation state; generatingplaintext data by a first exclusive-OR (XOR) from 64-bits of thepermutation state and ciphertext data; concatenating the plaintext dataand additional authenticated data (AAD) to produce a concatenationresult; generating an XOR result by a second XOR from the concatenationresult and the permutation state; and generating an authentication tagby a second permutation pipeline from the XOR result and the key. 24.The method of claim 23, comprising generating the ciphertext data andthe authentication tag in one clock cycle with no buffering of plaintextdata.
 25. The method of claim 23, wherein the first permutation pipelineand the second permutation pipeline comprise GIMLI permutation ciphers,Xoodoo permutation ciphers, Subterranean permutation ciphers, or Keccakpermutation ciphers.